Add explicit DNS settings

2026-03-07 08:17:22 +00:00 · 2026-03-06 14:22:16 +01:00 · 2026-03-06 14:22:16 +01:00 · be5d7e36fb
commit be5d7e36fb
parent 7ef167338e
2 changed files with 58 additions and 0 deletions
--- a/root/etc/NetworkManager/conf.d/ignore-auto-dns.conf
+++ b/root/etc/NetworkManager/conf.d/ignore-auto-dns.conf
@ -0,0 +1,10 @@
+# Ignore DNS servers advertised by networks (e.g. via DHCP).
+#
+# This makes NetworkManager refuse automatically provided DNS and lets
+# systemd-resolved fall back to the configured global resolvers instead.
+#
+# Individual connections can override this:
+#   nmcli connection modify <connection> ipv4.ignore-auto-dns no ipv6.ignore-auto-dns no
+[connection]
+ipv4.ignore-auto-dns=true
+ipv6.ignore-auto-dns=true
--- a/root/etc/systemd/resolved.conf
+++ b/root/etc/systemd/resolved.conf
@ -0,0 +1,48 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it under the
+#  terms of the GNU Lesser General Public License as published by the Free
+#  Software Foundation; either version 2.1 of the License, or (at your option)
+#  any later version.
+#
+# Entries in this file show the compile time defaults. Local configuration
+# should be created by either modifying this file (or a copy of it placed in
+# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
+# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
+# recommended. Defaults can be restored by simply deleting the main
+# configuration file and all drop-ins located in /etc/.
+#
+# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
+#
+# See resolved.conf(5) for details.
+
+[Resolve]
+# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
+# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
+# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
+# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
+#
+# Using DNS= configures global DNS servers and does not suppress link-specific
+# configuration. Parallel requests will be sent to per-link DNS servers
+# configured automatically by systemd-networkd.service(8), NetworkManager(8), or
+# similar management services, or configured manually via resolvectl(1). See
+# resolved.conf(5) and systemd-resolved(8) for more details.
+#DNS=
+FallbackDNS=9.9.9.9#dns.quad9.net 2620:fe::9#dns.quad9.net 1.1.1.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com
+#Domains=
+#DNSSEC=no
+DNSOverTLS=yes
+#MulticastDNS=yes
+#LLMNR=yes
+#Cache=yes
+#CacheFromLocalhost=no
+#DNSStubListener=yes
+#DNSStubListenerExtra=
+#ReadEtcHosts=yes
+#ResolveUnicastSingleLabel=no
+#StaleRetentionSec=0
+#RefuseRecordTypes=
+
+# Additionally listen on on an IP within the docker0 interface, to allow DNS
+# resolution from docker to be passed through to systemd-resolved
+DNSStubListenerExtra=192.168.65.1